Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
bgColor#ccccff
langc
jmp_buf buf;

void f(void) {
  volatile int i = 0;
  if (setjmp(buf) != 0) {
    printf("%i\n", i);
    /* ... */
  }
  i = 2;
  g();
}

void g(void) {
  /* ... */
  longjmp(buf, 1);
}

Risk Assessment

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

MSC22-C

Low

Probable

Medium

P4

L3

Automated Detection

Use of setjmp() and longjmp()
ToolVersionCheckerDescription
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

BADFUNC.LONGJMP

BADFUNC.SETJMP

Use of longjmp

Use of setjmp

LDRA tool suite
Include Page
LDRA_V
LDRA_V
43 SEnhanced enforcement
Parasoft C/C++test
9.5MISRA2004-20_7Use
Include Page
Parasoft_V
Parasoft_V

CERT_C-MSC22-a

The setjmp macro and the longjmp function shall not be used
Polyspace Bug Finder
R2016a

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rec. MSC22-CChecks for use of setjmp/longjmp

setjmp and longjmp cause deviation from normal control flow

(rec. fully covered)


SonarQube C/C++ Plugin
Include Page
SonarQube C/C++ Plugin_V
SonarQube C/C++ Plugin_V
S982
 

 



...